Cyber criminals are focusing on making money online which proves that they are attacking users via phone, browser and much more. There are many Ransomware that targets the mobile users, affecting their device by locking it and demanding for some amount to unlock it. Last month a ransomware was found by Bitdefender that is used in underground market and demanding the victim to pay some amount of money to unlock their phones. Android/ Simplocker.A is the name of new ransomware detected by ESET which has the capability to access the SD card files and encrypt them and the researchers found that they are using AES encryption and demands for the certain amount of money to decrypt those files.

The following is the message that will be displayed once the Trojan attacks the android mobile device which is Russian language.

The message says that the

WARNING your phone is locked!

The device is locked for viewing and distribution child pornography, zoophilia and other perversions.

To unlock you need to pay 260 UAH.

1. Locate the nearest payment kiosk.

2. Select MoneXy

3. Enter {REDACTED}.

4. Make deposit of 260 Hryvnia, and then press pay.

Do not forget to take a receipt!

After payment your device will be unlocked within 24 hours.

In case of no PAYMENT YOU WILL LOSE ALL DATA ON your device!”

The information like IMEI number of the infected android device is sent to the server and the author of this ransomware had maintained anonymity by using C&C on TOR. Onion domain. The researchers included that there are mobile antivirus today are capable of finding the virus but unable to find similar. They also warned the users not to pay for the locked device and there is no proof that the device will be unlocked and the files will be decrypted. This is the first ransomware that decrypts the files on SD card. What do you think about the security concern for your mobile devices?